I have a client that I want to attempt to negotiate TLS 1.2 but will accept TLS 1.0. What is the magic incantation (e.g. TLSv1_client_method() vs TLSv1_2_client_method() in conjunction with what options)?
Specifying TLSv1_client_method() seems to only offer TLS 1.0 {3,1}. Specifying TLSv1_2_client_method() offers TLS 1.2 {3,3}, but then when the server returns a TLS 1.0 {3,1} ServerHello, the client generates a Protocol Version alert. How do I tell the client that this is acceptable? Appendix E of RFC 5246 indicates this should be possible. I am using OpenSSL 1.0.1c. .................................... Erik Tkal Juniper OAC/UAC/Pulse Development ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org